Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS15525.roa
File: AS15525.roa (raw, json)
Hash identifier: Q/4zTZw5TUTQFBTzmAy4egDKOrGapMOqcummG5Z9b8Y=
Subject key identifier: EB:F9:DF:28:18:CD:AF:97:1D:2F:D5:7E:EA:04:F1:DA:61:49:1A:7D
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 360074C7A26CAEEA28EBEDFEB74A080ADB2995CA
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS15525.roa
Signing time: Wed 12 Feb 2025 17:23:14 +0000
ROA not before: Wed 12 Feb 2025 17:18:14 +0000
ROA not after: Wed 11 Feb 2026 17:23:14 +0000
asID: 15525
IP address blocks: 194.60.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 21:19:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:00:74:c7:a2:6c:ae:ea:28:eb:ed:fe:b7:4a:08:0a:db:29:95:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Feb 12 17:18:14 2025 GMT
Not After : Feb 11 17:23:14 2026 GMT
Subject: CN=EBF9DF2818CDAF971D2FD57EEA04F1DA61491A7D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:83:9d:fd:1c:64:ff:5b:39:0e:57:42:2d:6e:
53:b8:4a:df:a3:a0:6f:fc:35:11:f7:47:2f:bf:eb:
2f:1c:66:3f:6a:36:02:e8:1b:1e:a5:41:1d:63:a7:
57:51:1b:b1:9c:81:f1:45:5e:91:77:06:6f:63:02:
c0:c7:21:5e:b9:17:25:20:64:19:37:1a:ec:7c:83:
e1:02:f3:e7:9e:f3:c8:bf:01:eb:e7:45:97:94:b7:
51:da:f5:eb:0b:8f:d2:f6:1c:2a:1c:17:b4:3b:f1:
24:4d:a3:6e:ba:f2:52:83:94:ce:23:ec:43:8b:e5:
38:46:77:99:e1:75:4d:70:4d:6c:39:45:28:6f:30:
2c:ad:07:5b:ae:2a:c5:b1:39:af:43:35:b7:36:20:
f6:4a:80:cc:2a:d7:38:91:4c:4c:25:da:a4:bf:7a:
b0:cb:28:4a:1a:3a:f2:c7:22:5c:91:87:9f:5c:cf:
03:c4:c5:c7:49:ab:1d:b3:1e:25:04:49:78:d2:b5:
79:2a:f8:f5:85:1c:7d:6b:fc:8b:85:e2:62:6f:c6:
95:1a:d7:c0:0a:6a:36:43:bc:27:ab:47:03:5f:9c:
ad:7b:06:11:3b:fe:ed:6c:e9:4f:45:5b:91:e8:a6:
c0:39:9a:f7:c9:86:4e:63:9d:81:5f:17:3d:19:fc:
cd:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:F9:DF:28:18:CD:AF:97:1D:2F:D5:7E:EA:04:F1:DA:61:49:1A:7D
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS15525.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.60.91.0/24
Signature Algorithm: sha256WithRSAEncryption
02:6a:56:82:49:3a:5f:0c:1a:7d:2a:f0:e4:d2:82:b2:af:28:
1b:a5:11:0d:79:5e:3e:50:42:c8:74:22:28:9f:33:29:e7:c4:
22:71:da:d0:8b:b3:8f:6a:ca:9b:85:75:d0:06:84:d4:da:06:
6f:cf:a4:fb:88:02:4b:ef:dc:55:4b:46:94:6f:cd:8a:55:63:
3d:61:26:bc:da:11:6c:46:9e:5d:86:1f:c3:2e:0e:90:d0:8d:
e8:d2:0e:e9:21:14:02:23:c2:61:42:ee:e8:70:80:ae:49:c8:
78:a5:26:b1:f8:95:7b:35:fe:ef:41:00:ae:f8:a0:e9:54:e7:
6e:ab:96:77:54:08:fb:a7:83:88:77:fe:49:83:b7:29:e4:3f:
41:aa:26:7b:b7:78:12:34:11:ec:a0:98:7c:19:44:b2:3a:89:
16:7f:7c:56:04:00:8a:92:8c:71:a1:6c:3c:37:ef:13:9b:7d:
21:09:23:a5:7e:9c:79:21:61:69:d4:25:c9:e2:a5:9b:1d:e0:
b5:47:58:b6:6d:d1:ab:53:1b:f0:8c:76:09:71:26:4d:6f:be:
16:d6:c6:d4:af:39:dd:68:ac:3d:56:04:42:85:cd:fb:b4:fa:
6f:b7:03:eb:1e:91:42:3f:4a:9f:f2:0c:b2:5b:25:fb:2f:19:
26:f5:e8:20
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUNgB0x6Jsruoo6+3+t0oICtsplcowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNTAyMTIxNzE4MTRaFw0yNjAyMTExNzIzMTRaMDMxMTAvBgNV
BAMTKEVCRjlERjI4MThDREFGOTcxRDJGRDU3RUVBMDRGMURBNjE0OTFBN0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDag539HGT/WzkOV0ItblO4St+j
oG/8NRH3Ry+/6y8cZj9qNgLoGx6lQR1jp1dRG7GcgfFFXpF3Bm9jAsDHIV65FyUg
ZBk3Gux8g+EC8+ee88i/AevnRZeUt1Ha9esLj9L2HCocF7Q78SRNo2668lKDlM4j
7EOL5ThGd5nhdU1wTWw5RShvMCytB1uuKsWxOa9DNbc2IPZKgMwq1ziRTEwl2qS/
erDLKEoaOvLHIlyRh59czwPExcdJqx2zHiUESXjStXkq+PWFHH1r/IuF4mJvxpUa
18AKajZDvCerRwNfnK17BhE7/u1s6U9FW5HopsA5mvfJhk5jnYFfFz0Z/M01AgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQU6/nfKBjNr5cdL9V+6gTx2mFJGn0wHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMTU1MjUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADCPFsw
DQYJKoZIhvcNAQELBQADggEBAAJqVoJJOl8MGn0q8OTSgrKvKBulEQ15Xj5QQsh0
IiifMynnxCJx2tCLs49qypuFddAGhNTaBm/PpPuIAkvv3FVLRpRvzYpVYz1hJrza
EWxGnl2GH8MuDpDQjejSDukhFAIjwmFC7uhwgK5JyHilJrH4lXs1/u9BAK74oOlU
526rlndUCPung4h3/kmDtynkP0GqJnu3eBI0EeygmHwZRLI6iRZ/fFYEAIqSjHGh
bDw37xObfSEJI6V+nHkhYWnUJcnipZsd4LVHWLZt0atTG/CMdglxJk1vvhbWxtSv
Od1orD1WBEKFzfu0+m+3A+sekUI/Sp/yDLJbJfsvGSb16CA=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:24:29 2025 by rpki-client